The more I learn about computer security, the more I wonder if its possible to secure a machine and still be an internet junkie?! I have 4 of the major IM clients, a news ticker or two, and lots of games that I like to run. It's beginning to seem to me that I simply cannot secure my machine and still enjoy all the internet has to offer. Should I quit wasting my time now and make an image of my machine, so I can reformat everytime I'm infected with something? Or, will I actually be able to learn everything I need to know (theoretically) to keep my machine functional yet secure? ???

Hi Corey K!

Don't see it that pessimistic! I love to game as well and I love to use sharing tools. Certainly not the best if you are concerned about security. But there's a simple solution to all that. I'm using two computers. The one for working (very secure) and the other for gaming and sharing stuff (less secure). For me this is the best solution to handle security and fun. If my second computer would be attacked and crashes I don't care much. To reinstall Windows is done quite quickly.

My suggestion to you is, that you use two or three computers. One for working, the others for sharing or gaming. And this hasn't to be expensive! I'm using a relatively old computer for sharing files & gaming. There's certainly an old computer somewhere around you. Just try it out once, it simplyfies your life a lot.

Best regards!

Patrice

Hi Corey K,

Making images or backups is never a bad idea. That said, IMO a computer should be used for the purpose it was bought for.
There is no 100% security, certainly not when you´re online, but you will find that there may be ways of securing the things you like to do, a little more.
For example: you will find that Trillian (http://www.trillian.cc/trillian/index.html) is a little more secure then the IM clients you are probably using separately.
If you have any specific questions as to how we can help you improve security and still have fun, don´t hesitate to ask. Lots of helpful people around here. :)

Regards,

Pieter

Yeah, security can be a happy experience too, if you know you have the proper tools, configured fine and knowing what to look for. Update the tools and windows, browsers, scanners, don't panic but as Pieter says ask and get educated and be happy on internet.
Who cares for a portscanner if you know to be protected, you scan your system for (im)possible infections and enjoy internet even more!

Thanks for the suggestion. Lemme expand on it a little. First off, I'm poor and live in So-Cal... Contradiction, I know. However, I do happen to have a small parts graveyard here, and have three working systems. I don't really have any super-sensitive data to protect, the problem is that any trojan attacks, web-pop ups and the like are limiting my experience.
Tonight (its almost 6 am) I was wakened by some kind of pop-up based invader in my machine. I have my system plugged into a 600watt Sony system as the core component in my makeshift home-entertainment setup. This pop-up was a speech recording that presented a "Work from Home" sales pitch to me at approximately 3:30 am. This is really NUTZ! I mean, what else can they do? Invading my privacy, HELL, this is almost construable as a form of criminal Assault! Speech! aka a sound file! How did they pull that off? Not just a pop-up that dropped me outta my online game to see some grey dialog box with an "OK" button...SPEECH! To add to the insult, and my growing "fear", my VERY stable Win2k system rebooted(or crashed, but it rebooted nonetheless) shortly thereafter. THATS when I got up and came to scan my system. My system doesn't lock and reboot like that. Especially when its not attended.
I just don't know.
I've been considering setting up one of my older machines as a proxy server for my link to the internet. I know that research into the ins and out of Proxies could take weeks, so before I start: Do you think its possible to set up a proxy to host my home network's dial-up (and future broadband) connection? Well, I know its possible, but all those little programs I like need ports left open! Those are the ports the web pop-ups are coming in on aren't they? Is it possible to code some sort of filter to only accept packets from those programs' hosted IPs? Has anyone even thought of that yet? Sort of an authenticated connection/or tunneling simulator, if you will, for various programs...
AIM, Yahoo! and MSN Messenger and ICQ... these all have distinct ports, I have learned, and when I TCPView-End their processes the pop-ups "appear" to stop... (may be a coincidence, I haven't completely determined, yet)
All that aside, I am thinking that a proxy server may simply be a redundant weakpoint once I have enabled all the ports that need to pass through.
I'm sorry if my knowledge of the topic is limited and confusing. I am highly intelligent and can learn about all this stuff if I set out to, but I'm wantin to know if I shuold even bother. Kinda like, "If we change the way we live, the terrorists have already won!" aka that's why people pay Security companies for their work. Well, I can't afford to pay anyone for this stuff. (So, with that said, is there a key product I should try to purchase? Or, a key subject I should study in depth?)

Maybe I could explore setting the IMs up on a proxy and writing some sort of script to notify me when I receive a message?

I'm rambling, and you folks are less than obligated to respond, but I thank-you, just the same. Thank-you VERY much for lending your knowledge.
Corey

Hi Corey K,

I think this might be what you have in mind: http://www.dubbele.com/
Not my field, but others will happily jump in. :)

Regards,

Pieter

thanks. Again rekindling my Linux/UNIX curiosity... (usually abandoned due to lack of software that I care to use...) If I decide to run a firewalled proxy server, I think that's what I'll use.
Thank-you.
Corey

Isn't there some kinda log file I can look at to determine why my system crashed/rebooted? Win2k. Also, is there a source for info on decyphering it?

Oh yeah! Almost forgot... one thing I've wanted to know for months now... Is there a reference somewhere online for what processes are what in Win2k? I mean... what are all those processes? Which ones are normal... that sorta thing. Is there a reference for what each file is/does on the Win2k Cd-rom?

Corey

Hi Corey K,

The info on the crash may be found in your System log: Control Panel > Administrative Tools > Event logs

Starting processes: http://www.pacs-portal.co.uk/startup_pages/startup_full.htm

Services Win2K: http://www.blackviper.com/WIN2K/servicecfg.htm

How to backup the regsitry before tinkering (http://www.zoneutils.com/regheal/help/createfullregistrybackup.htm)

I´ll pass on the files on the Windows CD. ;D

Regards,

Pieter

"Bitchin!" Thanks a ton, Pieter! Now I know what I'll be doin with my Saturday! Heh.

In my opinion you will never make any computer 100% safe. Every time you drive a car you risk getting killed. Every home owner risks burglary. But do we stop engaging in these activities, NO! We mustn’t let the creeps out there make us live in fear and stop doing the things we enjoy. Simply enjoy, and I really mean that, making your pc as safe as possible (it’s fun!). Practice safe hex, don’t store sensitive information on your pc (credit card and social security numbers, etc.), use recommended security software, and frequent Wilders and other help groups. Good luck and enjoy.

Acadia.

Hi Corey K.!

What about a router in front of your three computers? I think you don't need to set a proxy. With the router you got the possibility to make your computers invisible to others. I'm having three computers as well, and I decided to put a router in front of them. I'm pretty happy with it. And after all it's not that expensive and time consuming.

The router I'm using is from Linksys -BEFSR41. The settings aren't that difficult. If you wanna know more about that, let me know!

Best regards!

Patrice

Patrice, You beat me to it! The price of the little linkies is relatively low now and the additional functionallity like fast networking, NAT etc. makes it a really good buy. I have had mine for two years now & would not be without it.
Add a good free firewall such as Sygate or ZA for outbound protection and away you go ;D Always remembering that the even best security is not 100% so in my view image backups are also imperitive

Reading through a site like Wilders will soon guide the security unintiated in the right direction. ;)

Hi Pilli!

Yeah, they help to make life easier! Besides the router I use NAV 2003, TDS-3 and Look'n'Stop. These are my main defensive system, sure I got plenty other smaller tools as well.

I bought a router because I was very unhappy with the situation, that some ports on the computers were visible... A software firewall is nice, but if you have several computers, you need to do a lot of settings (and not every one inside the network wants to deal with a firewall...). That's why I decided to set a router in front of the whole network. Pretty simple, pretty smart such a device!

Have fun!

Patrice

Patrice, You will find PE is an excellent addition as well - Watching every outbound connection & process:

Have to get this thread back on track ;D

Do you know ...
... who or what is connected to your computer?
... which process is using a particular port?
... if any of your personal data is being sent out to the Internet?
... if any programs on your computer are listening, waiting for somebody to connect?
... which programs on your computer are running as invisible servers (possibly trojans)?
... which programs on your computer transmit information to the Internet without you knowing?

Pilli
For starters, I'm not totally blind at this point... I've got some exploring under my belt... what I have done is install TDS-3 and I download the latest radii about weekly. The latest radius installed, TDS-3 found nothing this morning. I've really read up on the program and, correct me if I'm wrong, but it seems to me that they pretty much cover the ENTIRE scope of Trojans. If the day ever comes that I have an extra $100 lying around, I'd like to purchase their whole suite... however, by that time there may be nanorobotic fruit flies phasing through my electromagnetic window screen force fields and landing on my telepathic network interface to infect me, so for now I've got what I've got. LOL... no it'll be sooner than that!
I'm versed with popping up TCP-View to see whats goin on when I hear unsolicited hard disk activity. Thanks to Pieter's post this morning, I am working on identifying all SYSTEM connections, and I intend to use some trial and error to map all my regular programs' connections one at a time.
Has someone somewhere written a comprehensive dictionary-form port map? I've seen port map lists, but not explainations for the gibberish they displayed. I'm working on that one, but again, correct me if I'm wrong, but couldn't anyone with any malicious or just plain invasive intent, simply rename the process to something else that hasn't been named yet? Or worse yet, rename it to something that IS a name of a legitimate process my system may run? Perhaps they would name it something that I don't have loaded at start-up, but later on may be executed. Would that cause a crash or any sort of error that could be traced? Could they name it something really common that my computer always has running and would the computer merely consider it unworthy to mention that this is a second copy of a process with the same name?
Personal data on the internet? Of course! Bank records, ssn, phone numbers, dating service personal info, you name it! BUT! I gotta net worth of about a buck! Who cares, right? Where the hell is it going... bastards! TDS-3 would detect a key-logger and/or the Trojan that would have HAD to be used(?) to place such a keylogger, and every site I put personal info on establishes an SSL connect first. That's secure isn't it? I have 128 bit installed, if they want to decypher my love letters and my .29c bank balance (no kidding, REALLY... I'm laughing all the way to the recycling center to cash in some aluminum cans for food right now...) then they earned it in my twisted opinion. OK. So, is it that secure? As long as there's no trojan and no keylogger and the info is sent via SSL I'm safe right? (no one has physical access... period)
There are programs listening. AIM, MSN, Yahoo and ICQ run at all times,
if I didn't keep them on, that would limit my main communications medium with everyone from my parents 150 miles away to my brother 3000 miles away to my friend in the next town. Those programs have little icons in TCP-View that identify them, and I have TraceRted them at times for entertainment/curiosity and found nothing that seemed unusual, to an amateur's eye. Should I keep a closer eye on them. I do not communicate with folks at random. And I know what an IM process looks like. I am sure that none of my pop-ups are coming from people I IM to. As far as the others, I'll be learning about them shortly.
What I'm thinkin about mostly, however, is how they get those dialog boxes to pop up on my screen? Techno-mechanically, how do they do it? I figure my best guess is that they are using the ports that one of the IM programs listen on. But, how do they get it to pop up a box like that? I am assuming that they flood random IP addresses with packets containg the tiny programs sent to the same ports on all. Is that whats happening? And if so how do the boxes get executed to pop up? And how on earth did they get a sound file on here at 3:30 am?
I should be able to shut down a lot of unnecessary ports/standard windows services here over the next few days; such as Telnet, SMTP, FTP and the like. Do you know if I will lose any functionality being that there is no server functionality intended for my machine? If I want to add such accesories later, I will research individual security relating to each of them as I wish to add them. For now, I am a gamer, communicator, bank-balance-checker, and general web-surfer.
I have also downoaded all of Microsoft's security updates.
Can I install something like Zone Alarm and have it start out blocking every single port, or at least have it warn me to every single packet going in or out, and then one at a time, allow the traffic as I identify it as safe? Which brings me back to my suspicion that the pop-ups are coming in on IM ports which I would lik to keep open. But, is that how Zone Alarm works? Do you recommend any other firewall programs? I'm gonna look into NAV 2003 and Look 'n' Stop right now. Never heard of 'em.
OK, so, to help answer my question, you give me six questions, I give you SIXTY back... heh heh... if anything I said here sounds like maybe I only mention two points of a key technology that has three important points or any similar missing details, please let me know that I missed something.
You folks are great! I never imagined I'd get much help anywhere, let alone ALL of this so soon! Thank-you... I've learned more in a few hours than I've learned in months past. good luck answering this post, as I've come to believe you all will...
thanks again,
Corey

Hi Corey,
{QUOTE-> ...correct me if I'm wrong, but couldn't anyone with any malicious or just plain invasive intent, simply rename the process to something else that hasn't been named yet? Or worse yet, rename it to something that IS a name of a legitimate process my system may run? Perhaps they would name it something that I don't have loaded at start-up, but later on may be executed. Would that cause a crash or any sort of error that could be traced? Could they name it something really common that my computer always has running and would the computer merely consider it unworthy to mention that this is a second copy of a process with the same name? <-QUOTE}

These are very real possibilities, which is why AV/AT scanners check things the way they do for just such occurrences.

Of course, "knowing your system" is key to being able to spot changes to it. I see there was a link to the blackviper (http://www.blkviper.com/) site above, (which at the time I'm posting this appears to be down, but it comes and goes sometimes), that will help you to disable any unnecessary services you have running on W2K, which will make it easier to see all the rest.

When you've trimmed a few things down, you can also run StartupList 1.52.1, downloadable from http://www.lurkhere.com/~nicefiles/, to help get a handle on what all starts on your system when you boot. (It's quite a surprise to see all the places things start from on a Windows system ;) )

It may help you find either additional unneeded things, which you can disable, or even the start ups of trojans and the like. Using this program repeatedly over time will help you recognise changes to your system startups, which may help you identify the cause of problems, too. Most malware needs to start-up at system boot, so this is a useful tool, among many others, to get a handle on things.

Wow! Cory K Some post! :o
Has someone somewhere written a comprehensive dictionary-form port map? I've seen port map lists, but not explainations for the gibberish they displayed.

I am sure someone has :) Have you tried Googling for it?

correct me if I'm wrong, but couldn't anyone with any malicious or just plain invasive intent, simply rename the process to something else that hasn't been named yet? Or worse yet, rename it to something that IS a name of a legitimate process my system may run? Perhaps they would name it something that I don't have loaded at start-up, but later on may be executed. Would that cause a crash or any sort of error that could be traced? Could they name it something really common that my computer always has running and would the computer merely consider it unworthy to mention that this is a second copy of a process with the same name?


You are correct, For instance the QAZ Trojan uses Notepad.exe, Sygate Pro 5 Has driver & dll protection, I believe Tiny personal firewall & Kerio both use MD5 file protection, I am sure most firewalls now offer this type of protection.
TDS3 startup scan does a lot of integrity testing if everything is selected.

I am sure that none of my pop-ups are coming from people I IM to. As far as the others, I'll be learning about them shortly.
What I'm thinkin about mostly, however, is how they get those dialog boxes to pop up on my screen? Techno-mechanically, how do they do it? I figure my best guess is that they are using the ports that one of the IM programs listen on. But, how do they get it to pop up a box like that? I am assuming that they flood random IP addresses with packets containg the tiny programs sent to the same ports on all. Is that whats happening? And if so how do the boxes get executed to pop up? And how on earth did they get a sound file on here at 3:30 am?


Not sure about W2K services, I would to reboot into it to find out but does W2K have the Messenger service as found in XP - This is not IM messaging but an Admin service. I belive that there is an exploit on this service that allows adds etc. to be placed on ones PC - If W2K has this service you can diasable it.
You might also try Spybot Search & destroy and AdAware 6 to see if some form of spyware is running.

Think that is all I can manage tonight and I hope it is of some help - I am sure others will chip in with more useful information.

{QUOTE-> quoting: Pilli link=board=7;threadid=8585;start=15#55699 date=1050787148]
Not sure about W2K services, I would to reboot into it to find out but does W2K have the Messenger service as found in XP - This is not IM messaging but an Admin service. I belive that there is an exploit on this service that allows adds etc. to be placed on ones PC - If W2K has this service you can diasable it.
<-QUOTE}

The messenger service runs on 95, 98, Me win2k and XP.

Using the Messenger Service anyone in the world can send pop up messages to your computer, you can disable the Messenger service. Its easy to reverse at a later time.

For Windows 2000 and XP this is a way to disable it:

* Go to start and click Run
* Type services.msc
* Double-click on Messenger.
* In the Messenger Properties window, select Stop, then choose Disable as the Startup Type.
* Click OK.

This service is indeed being used to spam IP ranges, but I don´t think this would account for the soundfile.

Regards,

Pieter

Hmm, about the messenger service, you don't have to stop it, just stop port 139 udp/tcp listening on the Internet.
Dolf

Hi Dollefie,

That is another way to get rid of the popups, but if you are not on a network that uses the messenger service, why not save on the running process as well?

Regards,

Pieter

Taken from a thread in the MS NG's by Jupiter:

Quote:

This will not work if you have AOL.
AOL is not compatible with Windows XP Internet Connection Firewall
(ICF)
If you have AOL, you should contact AOL and/or get a 3rd party
firewall.
For Messenger Service ads:
You need to install or enable a firewall:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q330904&
Disabling Messenger Service can be a good idea, but it does not solve
the real problem.
The ads are not the real problem, the ads are only a symptom.
The real problem is open ports that allow unwanted traffic into the
computer.
Disabling Messenger does nothing for the open ports.
The firewall controls the traffic.


Disable Messenger Service:
Start/Control Panel, click Administrative Tools, click Services.
Go down to "Messenger".
Right click "Messenger" and select Properties.
Then under Start-up select DISABLE
Click OK and follow prompts

Run Ad-Aware (free version) or Spybot to check for spyware:
http://www.lavasoft.de/
Or
http://spybot.eon.net.au/


For internet pop-ups, try one of these:
http://www.panicware.com/
http://www.bysoft.se/sureshot/stopthepop/index.html
http://www.popupbuster.com/PopUpBuster/
http://www.kolumbus.fi/eero.muhonen/FS/
http://www.endpopups.com/
http://www.adshield.org/

Hi all, one remark, we are not confusing msn messenger with this windows system messenger, as you say it can run also on win9* systems?
I've never seen it happening on win9* systems till recently somewhere in a network, where i'm not sure which of the messengers is the popup nasty there and how to solve it.
Think their host is a NT.
If you say it's just telling them to block port 139 that would be great of course, while i thought on a 9* system it not appearing had to do with settings somewhere, but in the control panel i don't see a windows messenger service or i might overlook it.

Hi Jooske,

Different name and removal instructions for Windows 95, 98, and ME

* Under Control Panel, select Add/Remove.
* Select Windows Setup.
* Select System Tools.
* Click Details.
* Uncheck WinPopUp.
* Click OK.
* Reboot

Regards,

Pieter

This is a good instruction i'll tell the sysop of that network!
I see i have it checked/installed and still no popups, so probably that has to do with the blocked 139, right?
Thanks a lot in name of many users!

Wow! All I can say is, "I'm impressed..." You folks are great. What a response. I've learned so much so fast its staggering! In fact, I absorbed so much that I passed out on my couch at 9pm last night as opposed to my customary 1am... Thank-you, thank-you, and... thank-you!
I am still working on processing all the information. This morning I began MASSIVE service disabling and unnecessary "crap" removal from my system. I had intended to spend the rest of today and all of tommorrow studying and tweaking and research, however, I made one major mistake. Whilst rebooting, and retweaking this morning, I left my phone line open aka not on the internet. So, my parents got through and I have been drafted for the Easter barbeque/dinner, etc. Alas... I shall have to continue my education in a few days. Keep the thread goin though. It's great, hopefully many others will see be able to view it and I'm sure I still have much to learn.
Once again, "Thank-you, All..."
Corey

Take your time Corey and enjoy the bbq and easter dinner and all the family joy. That's part of life too.
The educational part can wait, there's always somebody jumping in for your questions.
we all jump in because we do like it so much and we learn each day new details ourselves too, with which we can help our own systems and from people around.
So first do enjoy the dinner (ever noticed at least half of the TDS friendly greetings have something to do with food too?) So you later!

Corey,
Hope you enjoyed Easter. You've received more than enough information here to digest. I just wanted to add that you don't need SPF Pro to get driver and dll protection. You can get those in the free version of SPF. I've been pretty impressed with Sygate's firewall. But if you do start to use it, don't just select allow for your trusted applications; go to the applications window and change the settings for each allowed application to uncheck the server option. By default, SPF gives server privileges to applications you allow, but most applications don't need to function as servers.

For an advanced (but easy-to-use) autostart viewer, see DiamondCS Autostart Viewer
http://www.diamondcs.com.au/index.php?page=asguard

Currently detects 51 different autostart locations - far more than any other autostart viewing program :)
And ... it's 100% free!

{QUOTE-> quoting: Pieter_Arntz link=board=7;threadid=8585;start=15#55808 date=1050839843]
Hi Jooske,

Different name and removal instructions for Windows 95, 98, and ME

* Under Control Panel, select Add/Remove.
* Select Windows Setup.
* Select System Tools.
* Click Details.
* Uncheck WinPopUp.
* Click OK.
* Reboot

Regards,

Pieter
<-QUOTE}

To my knowledge, WinPopUp isn't running by default. At least I've not ever seen a Win 9x machine in which it was running (by default or otherwise). :)

People either install it as part of the tools and you can either configure it to start with windows or start it manually.
But if you have that port 139 blocked by the firewall and some more it will not popup that easily.

Oops,
In my earlier post in this thread I mentioned port 139 tcp/udp to close.
It should be 135 udp.
Sorry
Dolf

Have that blocked too anyway, so no prob :)

Hey folks... me again... long time no see...
Ok so I learned a ton and am still on track learnin new stuff every single day to do with security, TCP/IP and Internet Mechanics (if you will) and lately have delved into Scripting... VERY excited.... bringing my C knowledge back from the cobwebs...

New question bout these firewalls... everyone keeps saying to block this port or bloack that port... I've downloaded and tested out just about every firewall I could find... (for free anyways... heh heh) And

I've yet to see a proggie that lets me "turn" ports "off and on"... the

firewalls all seem to manage that stuff without much flex from me...
right now I'm prolly gonna stick with Agnitum Outpost... MAYBE try another round with Sygate...
Any comments ?

Thanks again!
Corey

Hi Corey,
think you occupy yourself nicely in getting to know some of the software and what they do, i'd recommend have a look at the new tool (free) which DCS will release tonight or a few hours after that, which i think you will really like!
You are on XP or win2k aren't you?
You have already PE to watch ports and disable their traffic, for the firewalls i think that is a very personal taste!
I hear good things about LnS, Outpost, Sygate, Kerio, ZAPro, each for their own special reasons and depending on the rest of the configuration, with router or without, etc.

Hi Corey,

have a look at Look'n'Stop, it's a very good software firewall, which not only protects you outside-in, but also inside-out. Last but not least the support is fabulous!! Just go ahead, the forum of it is at Wilders as well! ;)

Regards,

Patrice

Hello Corey K

Outpost is a very flexible firewall allowing you to be able to configure it as you may wish or let it do most of the work with little or no bother by you. With it you can block individual ports if you wish (by application) but the FW does quite well by the default settings.

>>have a look at Look'n'Stop, it's a very good software firewall, which not only protects you outside-in, but also inside-out.<< quote from Patrice

As does Outpost (did not want to let that to slip by).

Corey - For comprehensive security please consider all these programs (of which some you have already):

Firewall
Anti-virus
Anti-trojan
Anti-worm
Anti-browser hijacker
Anti-spyware
Application monitor

Each of these do something specific and perhaps overlap a little but no one single program does it all. A great anti-virus program does not necessarily catch all trojans and a great browser protection program will probably miss destructive worms. A layered approach is the most comprehensive and wisest way to go. Some of these are free or trialware but either be protected all around or be vulnerable from some direction.

Let us hear how it goes for you! Best wishes.

HMSS Q Section

Hi QSection,
{QUOTE-> quoting: QSection link=board=7;threadid=8585;start=30#60502 date=1052934757]As does Outpost (did not want to let that to slip by). <-QUOTE}

Sorry, but I can't agree about that! If I read the comparison of different firewalls and how effective they are against Leak Tests, Outpost isn't such a good firewall. But read for yourself:

http://www.pcflank.com/art21.htm

Regards,

Patrice

Patrice, I notice that you link is now relatively old & I am pretty sure Outpost does pass the leak tests etc as does Sygate Pro 5 - Most of these firewalls have had updates since the review some 15 months ago ;D

Hi Pilli & QSection,

O.K., might be. But I'm only convinced if you prove me wrong. QSection it's up to you to show me these results with your firewall!

Regards,

Patrice

Afraid I have have not got the resourecs to do that but if you read the texts with the test results you will see that Sygate, for instance, only needs a few setting changes to combat these threats. BTW L & S did not stop those threats at the time either on the basic settings.
It must be difficult for firewall developers to make a set of rules to fit all without hindering peoples surfing enjoyment - Much as you, Patrice, found that SSM was to "fiddly".

Well let's get back on track theis is the Port Explorer forum so we are "Off topic" maybe a discussion in the Firewalls forum may be better.

We can expect a new release of PE VERY soon so watch out for Jason's posting, there are some very nice new enhancements ;D

Hi Pilli,

O.K., here's my last statement as well to this issue. I never said Sygate is a bad firewall, actually it's a very good firewall as well. But you understand me right: correctly set. But even if Outpost is correctly set I doubt that it will protect you as well as the two we were talking about (at least inside-out, I don't know about outside-in).

Over and Out!

Hi Patrice,
The confusion is in the versions. I am beta testing Outpost version 2 which is now a release candidate. It does pass the leaktests. It is also to be released very soon. ( I won't tell you the exact date) I will tell you that I am using it on my mission crictical (work) computer with no concerns at all.
I don't remember if Q-section is a beta tester off hand but if he is, he just spoke a little too soon as version 1 didn't pass the leaktests like V2 does.
I haven't been in this forum in quite awhile and forgot how nice it is.
Chris

And as this is the Port Explorer forum, keep checking back for the DCS announcements soon in this PE field!
All the honor for those announcements go to the DCS developers, can tell you it's worth it!